openstack/swift
Code Issues Proposed changes
d4c0a7d3b3
swift/doc/source/apache_deployment_guide.rst
Renich Bon Ćirić 6f4143d996 Clean up apache deployment docs 
docs: Removing the use of NameVirtualHost from the apache examples

It's not used anymore. It's deprecated in fact: https://httpd.apache.org/docs/2.4/mod/core.html#namevirtualhost

Change-Id: I76999cfacc10a244024ee0cca66dda95a0169a67

docs: Added more spacing to the apache2 examples

They're easier to read and a bit less bloated.

Change-Id: I5e21a66018b7ef309918fbbde93f2494286d291e

docs: Switching to /srv/www to be more FHS 3.0 conformat

It's more modern and well supported to use /srv/www now in place of
/var/www.

Change-Id: Icd09ed4d5fb4e2b9b84ddead21313ea1c0a87c91
ref: https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch03s17.html

docs: Added user, group and display name in WSGI examples

This properly sets the user and group for the wsgi processes in the
examples; as well as adding a display name for easier identification.

Change-Id: Ie5783081e4054e5b2fbf3a856716101a1aaf61b8

docs: Replace apachectl for systemctl commands

It's safe to asume that all modern distros; supported by OpenStack, will
have systemd implemented. It's better to favor systemctl in those cases.

Change-Id: Ic0d2e47c1ac53502ce638d6fc2424ab9df037262

docs: Emphasis to file paths and command options

I've enclosed configuration options or parameters in interpreted text
quotes.

Also, I've enclosed fiel paths with inline literal quotes.

Change-Id: Iec54b7758bce01fc8e8daff48498383cb70c62ce

docs: Fixed wording used to indicate the restart of apache

Just a little commit to make it clearer of what we're gonna do.

Change-Id: Id5ab3e94519bcfe1832b92e456a1d1fa81dd54e3
2020-10-01 16:04:55 -05:00

194 lines
6.8 KiB
ReStructuredText
Raw Blame History

=======================
Apache Deployment Guide
=======================
----------------------------
Web Front End Considerations
----------------------------
Swift can be configured to work both using an integral web front-end and using a
full-fledged Web Server such as the Apache2 (HTTPD) web server. The integral
web front-end is a wsgi mini "Web Server" which opens up its own socket and
serves http requests directly. The incoming requests accepted by the integral
web front-end are then forwarded to a wsgi application (the core swift) for
further handling, possibly via wsgi middleware sub-components.
client<---->'integral web front-end'<---->middleware<---->'core swift'
To gain full advantage of Apache2, Swift can alternatively be configured to work
as a request processor of the Apache2 server. This alternative deployment
scenario uses mod_wsgi of Apache2 to forward requests to the swift wsgi
application and middleware.
client<---->'Apache2 with mod_wsgi'<----->middleware<---->'core swift'
The integral web front-end offers simplicity and requires minimal configuration.
It is also the web front-end most commonly used with Swift. Additionally, the
integral web front-end includes support for receiving chunked transfer encoding
from a client, presently not supported by Apache2 in the operation mode
described here.
The use of Apache2 offers new ways to extend Swift and integrate it with
existing authentication, administration and control systems. A single Apache2
server can serve as the web front end of any number of swift servers residing on
a swift node. For example when a storage node offers account, container and
object services, a single Apache2 server can serve as the web front end of all
three services.
The apache variant described here was tested as part of an IBM research work.
It was found that following tuning, the Apache2 offer generally equivalent
performance to that offered by the integral web front-end. Alternative to
Apache2, other web servers may be used, but were never tested.
-------------
Apache2 Setup
-------------
Both Apache2 and mod-wsgi needs to be installed on the system. Ubuntu comes
with Apache2 installed. Install mod-wsgi using::
sudo apt-get install libapache2-mod-wsgi
Create a directory for the Apache2 wsgi files::
sudo mkdir /srv/www/swift
Create a working directory for the wsgi processes::
sudo mkdir -m 2770 /var/lib/swift
sudo chown swift:swift /var/lib/swift
Create a file for each service under ``/srv/www/swift``.
For a proxy service create ``/srv/www/swift/proxy-server.wsgi``::
from swift.common.wsgi import init_request_processor
application, conf, logger, log_name = \
init_request_processor('/etc/swift/proxy-server.conf','proxy-server')
For an account service create ``/srv/www/swift/account-server.wsgi``::
from swift.common.wsgi import init_request_processor
application, conf, logger, log_name = \
init_request_processor('/etc/swift/account-server.conf',
'account-server')
For an container service create ``/srv/www/swift/container-server.wsgi``::
from swift.common.wsgi import init_request_processor
application, conf, logger, log_name = \
init_request_processor('/etc/swift/container-server.conf',
'container-server')
For an object service create ``/srv/www/swift/object-server.wsgi``::
from swift.common.wsgi import init_request_processor
application, conf, logger, log_name = \
init_request_processor('/etc/swift/object-server.conf',
'object-server')
Create a ``/etc/apache2/conf.d/swift_wsgi.conf`` configuration file that will
define a port and Virtual Host per each local service. For example an Apache2
serving as a web front end of a proxy service::
# Proxy
Listen 8080
<VirtualHost *:8080>
ServerName proxy-server
LimitRequestBody 5368709122
LimitRequestFields 200
WSGIDaemonProcess proxy-server processes=5 threads=1 user=swift group=swift display-name=%{GROUP}
WSGIProcessGroup proxy-server
WSGIScriptAlias / /srv/www/swift/proxy-server.wsgi
LogLevel debug
CustomLog /var/log/apache2/proxy.log combined
ErrorLog /var/log/apache2/proxy-server
</VirtualHost>
Notice that when using Apache the limit on the maximal object size should be
imposed by Apache using the `LimitRequestBody` rather by the swift proxy. Note
also that the `LimitRequestBody` should indicate the same value as indicated by
`max_file_size` located in both ``/etc/swift/swift.conf`` and in
``/etc/swift/test.conf``. The Swift default value for `max_file_size` (when not
present) is `5368709122`. For example an Apache2 serving as a web front end of a
storage node::
# Object Service
Listen 6200
<VirtualHost *:6200>
ServerName object-server
LimitRequestFields 200
WSGIDaemonProcess object-server processes=5 threads=1 user=swift group=swift display-name=%{GROUP}
WSGIProcessGroup object-server
WSGIScriptAlias / /srv/www/swift/object-server.wsgi
LogLevel debug
CustomLog /var/log/apache2/access.log combined
ErrorLog /var/log/apache2/object-server
</VirtualHost>
# Container Service
Listen 6201
<VirtualHost *:6201>
ServerName container-server
LimitRequestFields 200
WSGIDaemonProcess container-server processes=5 threads=1 user=swift group=swift display-name=%{GROUP}
WSGIProcessGroup container-server
WSGIScriptAlias / /srv/www/swift/container-server.wsgi
LogLevel debug
CustomLog /var/log/apache2/access.log combined
ErrorLog /var/log/apache2/container-server
</VirtualHost>
# Account Service
Listen 6202
<VirtualHost *:6202>
ServerName account-server
LimitRequestFields 200
WSGIDaemonProcess account-server processes=5 threads=1 user=swift group=swift display-name=%{GROUP}
WSGIProcessGroup account-server
WSGIScriptAlias / /srv/www/swift/account-server.wsgi
LogLevel debug
CustomLog /var/log/apache2/access.log combined
ErrorLog /var/log/apache2/account-server
</VirtualHost>
Enable the newly configured Virtual Hosts::
a2ensite swift_wsgi.conf
Next, stop, test and start Apache2 again::
# stop it
systemctl stop apache2.service
# test the configuration
apache2ctl -t
# start it if the test succeeds
systemctl start apache2.service
Edit the tests config file and add::
web_front_end = apache2
normalized_urls = True
Also check to see that the file includes `max_file_size` of the same value as
used for the `LimitRequestBody` in the apache config file above.
We are done. You may run functional tests to test - e.g.::
cd ~swift/swift
./.functests
View Git Blame Copy Permalink